IBM Tivoli Monitoring, Version 6.3 Fix Pack 2

Enabling SOAP security

When you enable the Security: Validate Users option when configuring the hub monitoring server, all SOAP requests are authenticated except for CT_EMail and CT_Export requests. For information on how to configure the hub monitoring server to validate SOAP users, see the IBM Tivoli Monitoring Installation and Setup Guide. If you also want to authenticate SOAP users who are sending CT_EMail or CT_Export SOAP requests, you must enable the SOAP_IS_SECURE environment variable on the hub monitoring server.

About this task

By default the SOAP_IS_SECURE environment variable is disabled. Enabling this variable requires all users who submit CT_EMail or CT_Export requests to know a hub monitoring server credential. Setting SOAP_IS_SECURE=YES only works if user validation is turned on in the hub monitoring server.

Procedure

  1. On the computer where the hub monitoring server is installed, open the KBBENV or ms.ini file:
    Windows
    Use Manage Tivoli® Enterprise Monitoring Services (Start → Programs → IBM® Tivoli MonitoringManage Tivoli Enterprise Monitoring Services) to edit environment files. Right-click the component you want to modify and click AdvancedEdit ENV File. You must recycle the component to implement the changes.
    Linux UNIX
    Edit the environment file directly. Edit environment variables in the <install_dir>/config/ms.ini file.
  2. Locate and uncomment the line: # SOAP_IS_SECURE=YES. For example: SOAP_IS_SECURE=YES
  3. Save and close the monitoring server environment file.
  4. For Windows, you must recycle the component to implement the changes. For Linux or UNIX, you must reconfigure and recycle the monitoring server to implement the changes.
Parent topic: Configuring Tivoli Monitoring Web Services (SOAP Server)

Feedback